diff options
| author | Dmitry Stogov <dmitry@php.net> | 2008-09-02 13:22:16 +0000 |
|---|---|---|
| committer | Dmitry Stogov <dmitry@php.net> | 2008-09-02 13:22:16 +0000 |
| commit | 51eb7f5de98050c6395d660cd7c13a968127093d (patch) | |
| tree | 16b6662fe0bacc492fa5233b2fcf7b19136b91ba /sapi | |
| parent | 5b0e87618b4f43e6667e948d222dd21dd2c5d326 (diff) | |
| download | php-git-51eb7f5de98050c6395d660cd7c13a968127093d.tar.gz | |
Fixed bug #45860 (header() function fails to correctly replace all Status lines)
Diffstat (limited to 'sapi')
| -rw-r--r-- | sapi/cgi/cgi_main.c | 15 | ||||
| -rw-r--r-- | sapi/cgi/tests/010.phpt | 53 |
2 files changed, 66 insertions, 2 deletions
diff --git a/sapi/cgi/cgi_main.c b/sapi/cgi/cgi_main.c index 87f7998201..f659536ca6 100644 --- a/sapi/cgi/cgi_main.c +++ b/sapi/cgi/cgi_main.c @@ -375,6 +375,7 @@ static int sapi_cgi_send_headers(sapi_headers_struct *sapi_headers TSRMLS_DC) char buf[SAPI_CGI_MAX_HEADER_LENGTH]; sapi_header_struct *h; zend_llist_position pos; + zend_bool ignore_status = 0; if (SG(request_info).no_headers == 1) { return SAPI_HEADER_SENT_SUCCESSFULLY; @@ -430,6 +431,7 @@ static int sapi_cgi_send_headers(sapi_headers_struct *sapi_headers TSRMLS_DC) } if (!has_status) { PHPWRITE_H(buf, len); + ignore_status = 1; } } @@ -437,8 +439,17 @@ static int sapi_cgi_send_headers(sapi_headers_struct *sapi_headers TSRMLS_DC) while (h) { /* prevent CRLFCRLF */ if (h->header_len) { - PHPWRITE_H(h->header, h->header_len); - PHPWRITE_H("\r\n", 2); + if (h->header_len > sizeof("Status:")-1 && + strncasecmp(h->header, "Status:", sizeof("Status:")-1) == 0) { + if (!ignore_status) { + ignore_status = 1; + PHPWRITE_H(h->header, h->header_len); + PHPWRITE_H("\r\n", 2); + } + } else { + PHPWRITE_H(h->header, h->header_len); + PHPWRITE_H("\r\n", 2); + } } h = (sapi_header_struct*)zend_llist_get_next_ex(&sapi_headers->headers, &pos); } diff --git a/sapi/cgi/tests/010.phpt b/sapi/cgi/tests/010.phpt new file mode 100644 index 0000000000..e633ad28ba --- /dev/null +++ b/sapi/cgi/tests/010.phpt @@ -0,0 +1,53 @@ +--TEST-- +Bug #45860 (header() function fails to correctly replace all Status lines) +--SKIPIF-- +<?php include "skipif.inc"; ?> +--FILE-- +<?php + +include "include.inc"; + +$php = get_cgi_path(); +reset_env_vars(); + +$f = tempnam(sys_get_temp_dir(), 'cgitest'); + +putenv("TRANSLATED_PATH=".$f."/x"); +putenv("SCRIPT_FILENAME=".$f."/x"); +file_put_contents($f, '<?php +header("HTTP/1.1 403 Forbidden"); +header("Status: 403 Also Forbidden"); +?>'); + +echo (`$php -n $f`); + +file_put_contents($f, '<?php +header("HTTP/1.1 403 Forbidden"); +?>'); + +echo (`$php -n $f`); + +file_put_contents($f, '<?php +header("Status: 403 Also Forbidden"); +?>'); + +echo (`$php -n $f`); + +echo "Done\n"; + +@unlink($f); +?> +--EXPECTF-- +Status: 403 Forbidden +X-Powered-By: PHP/%s +Content-type: text/html + +Status: 403 Forbidden +X-Powered-By: PHP/%s +Content-type: text/html + +X-Powered-By: PHP/%s +Status: 403 Also Forbidden +Content-type: text/html + +Done |